[MDEV-30199] SSL_CTX_use_certificate:ee key too small reporting missing in 10.10.2 Created: 2022-12-11  Updated: 2023-11-28

Status: Open
Project: MariaDB Server
Component/s: SSL
Affects Version/s: 10.10.2
Fix Version/s: 10.4, 10.5, 10.6

Type: Bug Priority: Minor
Reporter: Roy Bellingan Assignee: Oleksandr Byelkin
Resolution: Unresolved Votes: 0
Labels: beginner-friendly
Environment:

Suse tumbleweed

Attachments: File ca-cert.pem     File server-cert.pem     File server-key.pem    

 Description   

Using an rsa:1024 key on 10.9.3 I have the error

SSL error: Unable to get certificate from '/srv/cert/s7/server-cert.pem'
2022-12-11 23:45:11 0 [Warning] Failed to setup SSL
2022-12-11 23:45:11 0 [Warning] SSL error: Unable to get certificate
2022-12-11 23:45:11 0 [Warning] SSL error: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small
2022-12-11 23:45:11 0 [Note] Server socket created on IP: '0.0.0.0'.

But on 10.10.2 the warning became a less usefull

SSL error: Unable to get certificate from '/srv/certs/s7/server-cert.pem'
2022-12-11 23:44:33 0 [ERROR] Failed to setup SSL
2022-12-11 23:44:33 0 [ERROR] SSL error: Unable to get certificate
2022-12-11 23:44:33 0 [ERROR] Aborting

Also no idea why is now a fatal error, no idea

 Comments   
Comment by Sergei Golubchik [ 2022-12-26 ]

It's the fatal error because of MDEV-29811

Generated at Thu Feb 08 10:14:27 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.